The overhead is too much, we only audit when necessary. Usually for cases with Microsoft.
Daniel Ratliff From: [email protected] [mailto:[email protected]] On Behalf Of Ewing, Scott L Sent: Wednesday, July 30, 2014 9:44 AM To: [email protected] Subject: [mssms] RE: Security event logging I’m interested in what people are auditing on the workstations, not servers. From: [email protected]<mailto:[email protected]> [mailto:[email protected]] On Behalf Of Ewing, Scott L Sent: Wednesday, July 30, 2014 9:40 AM To: [email protected]<mailto:[email protected]> Subject: [mssms] Security event logging How do you have your Windows security event log audit policy configured? Which categories do you have enabled for success logging? How about failure logging? What is the “best practice”? [cid:[email protected]] Thanks! The information transmitted is intended only for the person or entity to which it is addressed and may contain CONFIDENTIAL material. If you receive this material/information in error, please contact the sender and delete or destroy the material/information.
